
About Quarkslab
Quarkslab builds cutting-edge cybersecurity solutions used by security-driven companies and institutions around the world. Our QShield product suite focuses on software protection and reverse engineering resistance across desktop, mobile, and embedded platforms.
We’re not in the cloud — we build real software, tested on real systems. If you enjoy diving deep into complex technical environments, automating smart test coverage, and owning quality end-to-end, read on.
Description
A vendor that produces many wireless-enabled Systems-on-Chip (SoCs) used in various IoT devices has developed its own wireless mesh network, which it advertises as a proprietary "Bluetooth Mesh" protocol. The vendor provides a Bluetooth Low Energy gateway to access the custom mesh network. This gateway has already been reverse-engineered and documented, but the vendor's custom protocol, used to make devices communicate over the air, remains a black box.
We want to open that box and look inside.
What you will do
In this internship you will:
Reverse-engineer and document the vendor's mesh network protocol, using both an off-the-shelf Bluetooth Mesh smart bulb kit and the vendor's Bluetooth Mesh Starter Kit
Search for vulnerabilities in the mesh protocol implementation and develop one or more proof-of-concepts
Add support for the proprietary mesh network protocol to WHAD, and develop dedicated tools for recon and exploitation
Present your research project internally to peers, communicate it publicly in a blog post, paper or conference talk.
Required Skills
Skills required for this internship:
Wireless protocol analysis/reverse-engineering techniques and related tools (Inspectrum, URH, GNU Radio, ...)
Firmware and ELF reverse-engineering
Embedded development in C/C++
Python3 development
Assignment
Contact us to receive an internship challenge to apply.